Cloud scale directory services

ABSTRACT

Embodiments described herein are directed to providing scalability to software applications. A computer system partitions a portion of data stored in a directory services system into multiple different data partitions. Each data partition includes a primary writable copy and at least one secondary read-only copy of the data. The computer system receives a client request for a portion of the data that is stored in the directory services system and accesses various stored partition mappings to determine which of the different data partitions includes the requested data. The computer system also accesses a dynamic copy locator to determine which of the read-only copies of the indicated partition to access and provide the accessed primary writeable copy of the indicated partition and the determined read-only copy to the client in a virtualized manner so that the client is not aware of the data partitions.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a Continuation from and claims priority to and thebenefit of U.S. patent application Ser. No. 14/172,016, entitled “CLOUDSCALE DIRECTORY SERVICES,” which was filed on Feb. 4, 2014, and isexpressly incorporated herein in its entirety. (application Ser. No.14/172,016 is to issue as Pat. No. 9,218,136 on Dec. 22, 2015.)application Ser. No. 14/172,016, in turn, claims priority to and thebenefit of U.S. patent application Ser. No. 12/635,028, entitled “CLOUDSCALE DIRECTORY SERVICES,” which was filed on Dec. 10, 2009, and whichis expressly incorporated herein in its entirety. (U.S. Pat. App. No.12/635,028 issued as U.S. Pat. No. 8,645,660 on Feb. 4, 2014.)

BACKGROUND

Computers have become highly integrated in the workforce, in the home,in mobile devices, and many other places. Computers can process massiveamounts of information quickly and efficiently. Software applicationsdesigned to run on computer systems allow users to perform a widevariety of functions including business applications, schoolwork,entertainment and more. Software applications are often designed toperform specific tasks, such as word processor applications for draftingdocuments, or email programs for sending, receiving and organizingemail.

In many cases, software applications are designed to interact with othersoftware applications or other computer systems. For example, directoryservices systems may be used to provide access to information sought bya user or other software application. In some cases, softwareapplications are designed with scalability in mind. Such applicationsallow virtually any number of users to use the application, provided theapplication has proper network and computing support. Otherapplications, however, were not designed with such scalability in mind.

BRIEF SUMMARY

Embodiments described herein are directed to providing scalability tosoftware applications. In one embodiment, a computer system providescloud scale directory services to a plurality of clients. The computersystem partitions at least a portion of data stored in a directoryservices system into multiple different data partitions. Each datapartition includes a primary writable copy and at least one secondaryread-only copy of the data. The computer system receives a clientrequest for a portion of the data that is stored in the directoryservices system and accesses various stored partition mappings todetermine which of the different data partitions includes the requesteddata. The computer system accesses a dynamic copy locator to determinewhich of the read-only copies of the indicated partition to access. Thecomputer system also provides the accessed primary writeable copy of theindicated partition and the determined read-only copy to the client in avirtualized manner so that the client is not aware of the datapartitions.

In another embodiment, a computer system initiates a single masterstorage system for use with a multi-master directory services store sothat, within the single master storage system, all changes to a portionof data are made to a single copy, where each data partition includes aprimary writable copy and at least one secondary read-only copy of thedata. A single master storage system user is separately connected to theprimary copy and to the secondary copy. The computer system receiveschanges that are to be made to a portion of data stored in a partitionof the directory services store and applies the changes to the primary,writable copy of the partition. The computer system also promptly andautomatically replicates the changes made to the primary writable copyto the secondary read-only copy to which the single master storagesystem user is directly connected.

In another embodiment, a computer system allocates copies to clients ina scalable and efficient manner. The computer system receives multiplerequests from various different clients for data portions stored in adirectory services store. The data portions are partitioned intomultiple different data partitions, where each data partition includes aprimary writable copy and at least one secondary read-only copy of thedata. The computer system determines, based on various network, data,directory services or client characteristics, that the secondaryread-only copies of the partitioned data are to be dynamically allocatedto ensure that the data is efficiently delivered to each of the clients.The computer system also dynamically allocates the secondary data copiesto various data partitions to ensure that the data is efficientlydelivered to each of the clients.

This Summary is provided to introduce a selection of concepts in asimplified form that are further described below in the DetailedDescription. This Summary is not intended to identify key features oressential features of the claimed subject matter, nor is it intended tobe used as an aid in determining the scope of the claimed subjectmatter.

Additional features and advantages will be set forth in the descriptionwhich follows, and in part will be obvious from the description, or maybe learned by the practice of the teachings herein. Features andadvantages of the invention may be realized and obtained by means of theinstruments and combinations particularly pointed out in the appendedclaims. Features of the present invention will become more fullyapparent from the following description and appended claims, or may belearned by the practice of the invention as set forth hereinafter.

BRIEF DESCRIPTION OF THE DRAWINGS

To further clarify the above and other advantages and features ofembodiments of the present invention, a more particular description ofembodiments of the present invention will be rendered by reference tothe appended drawings. It is appreciated that these drawings depict onlytypical embodiments of the invention and are therefore not to beconsidered limiting of its scope. The invention will be described andexplained with additional specificity and detail through the use of theaccompanying drawings in which:

FIG. 1 illustrates a computer architecture in which embodiments of thepresent invention may operate including providing cloud scale directoryservices to a plurality of clients.

FIG. 2 illustrates a flowchart of an example method for providing cloudscale directory services to a plurality of clients.

FIG. 3 illustrates a computer architecture in which embodiments of thepresent invention may operate including implementing a single mastermodel on top of a multi-master store.

FIG. 4 illustrates a flowchart of an example method for implementing asingle master model on top of a multi-master store.

FIG. 5 illustrates a computer architecture in which embodiments of thepresent invention may operate including allocating replicas to clientsin a scalable and efficient manner.

FIG. 6 illustrates a flowchart of an example method for allocatingreplicas to clients in a scalable and efficient manner.

FIG. 7 illustrates an embodiment of the present invention in whichmultiple datacenters are used to store a partition.

DETAILED DESCRIPTION

Embodiments described herein are directed to providing scalability tosoftware applications. In one embodiment, a computer system providescloud scale directory services to a plurality of clients. The computersystem partitions at least a portion of data stored in a directoryservices system into multiple different data partitions. Each datapartition includes a primary writable copy and at least one secondaryread-only copy of the data. The computer system receives a clientrequest for a portion of the data that is stored in the directoryservices system and accesses various stored partition mappings todetermine which of the different data partitions includes the requesteddata. The computer system accesses a dynamic copy locator to determinewhich of the read-only copies of the indicated partition to access. Thecomputer system also provides the accessed primary writeable copy of theindicated partition and the determined read-only copy to the client in avirtualized manner so that the client is not aware of the datapartitions.

In another embodiment, a computer system initiates a single masterstorage system for use with a multi-master directory services store sothat, within the single master storage system, all changes to a portionof data are made to a single copy, where each data partition includes aprimary writable copy and at least one secondary read-only copy of thedata. A single master storage system user is separately connected to theprimary copy and to the secondary copy. The computer system receiveschanges that are to be made to a portion of data stored in a partitionof the directory services store and applies the changes to the primary,writable copy of the partition. The computer system also promptly andautomatically replicates the changes made to the primary writable copyto the secondary read-only copy to which the single master storagesystem user is directly connected.

In another embodiment, a computer system allocates copies to clients ina scalable and efficient manner. The computer system receives multiplerequests from various different clients for data portions stored in adirectory services store. The data portions are partitioned intomultiple different data partitions, where each data partition includes aprimary writable copy and at least one secondary read-only copy of thedata. The computer system determines, based on various network, data,directory services or client characteristics, that the secondaryread-only copies of the partitioned data are to be dynamically allocatedto ensure that the data is efficiently delivered to each of the clients.The computer system also dynamically allocates the secondary data copiesto various data partitions to ensure that the data is efficientlydelivered to each of the clients.

The following discussion now refers to a number of methods and methodacts that may be performed. It should be noted, that although the methodacts may be discussed in a certain order or illustrated in a flow chartas occurring in a particular order, no particular ordering isnecessarily required unless specifically stated, or required because anact is dependent on another act being completed prior to the act beingperformed.

Embodiments of the present invention may comprise or utilize a specialpurpose or general-purpose computer including computer hardware, asdiscussed in greater detail below. Embodiments within the scope of thepresent invention also include physical and other computer-readablemedia for carrying or storing computer-executable instructions, computerprogram products and/or data structures. Such computer-readable mediacan be any available media that can be accessed by a general purpose orspecial purpose computer system. Computer-readable media that storecomputer-executable instructions are physical storage media includingrecordable-type storage media. Computer-readable media that carrycomputer-executable instructions are transmission media. Thus, by way ofexample, and not limitation, embodiments of the invention can compriseat least two distinctly different kinds of computer-readable media:physical storage media and transmission media.

Physical storage media includes RAM, ROM, EEPROM, CD-ROM or otheroptical disk storage, magnetic disk storage or other magnetic storagedevices, or any other medium which can be used to store desired programcode means in the form of computer-executable instructions or datastructures and which can be accessed by a general purpose or specialpurpose computer.

A “network” is defined as one or more data links that enable thetransport of electronic data between computer systems and/or modulesand/or other electronic devices. When information is transferred orprovided over a network or another communications connection (eitherhardwired, wireless, or a combination of hardwired or wireless) to acomputer, the computer properly views the connection as a transmissionmedium. Transmission media can include a network and/or data links whichcan be used to carry or transport desired program code means in the formof computer-executable instructions or data structures and which can beaccessed by a general purpose or special purpose computer. Combinationsof the above should also be included within the scope ofcomputer-readable media.

However, it should be understood, that upon reaching various computersystem components, program code means in the form of computer-executableinstructions or data structures can be transferred automatically fromtransmission media to physical storage media. For example,computer-executable instructions or data structures received over anetwork or data link can be buffered in RAM within a network interfacecard, and then eventually transferred to computer system RAM and/or toless volatile physical storage media at a computer system. Thus, itshould be understood that physical storage media can be included incomputer system components that also (or even primarily) utilizetransmission media.

Computer-executable instructions comprise, for example, instructions anddata which cause a general purpose computer, special purpose computer,or special purpose processing device to perform a certain function orgroup of functions. The computer executable instructions may be, forexample, binaries, intermediate format instructions such as assemblylanguage, or even source code. Although the subject matter has beendescribed in language specific to structural features and/ormethodological acts, it is to be understood that the subject matterdefined in the appended claims is not necessarily limited to thedescribed features or acts described above. Rather, the describedfeatures and acts are disclosed as example forms of implementing theclaims.

Those skilled in the art will appreciate that the invention may bepracticed in network computing environments with many types of computersystem configurations, including, personal computers, desktop computers,laptop computers, message processors, hand-held devices, multi-processorsystems, microprocessor-based or programmable consumer electronics,network PCs, minicomputers, mainframe computers, mobile telephones,PDAs, pagers, routers, switches, and the like. The invention may also bepracticed in distributed system environments where local and remotecomputer systems, which are linked (either by hardwired data links,wireless data links, or by a combination of hardwired and wireless datalinks) through a network, both perform tasks. In a distributed systemenvironment, program modules may be located in both local and remotememory storage devices.

FIG. 1 illustrates a computer architecture 100 in which the principlesof the present invention may be employed. Computer architecture 100includes directory services system 110. Directory services system (DSS)110 (or “system 110” herein) may comprise any type of data storagesystem, database or other data provisioning system. DSS 110 may beconfigured to receive a data request (e.g. 106) from a client (e.g. 105)and provide, modify or otherwise access the data as requested by theclient. In some embodiments, DSS 110 may receive data requests from manythousands or millions of clients. Accordingly, system 110 may be scaledto match the demand for data. This scaling may occur within a “cloud” orseries of interconnected computer servers that are each configured toprovide data to clients based on their requests.

Directory services system 110 may be scaled to provide data tosubstantially any number of users. Such scaling may occur through theuse of data partition module 115. Data partition module 115 may beconfigured to divide or partition data from data store 116 into anynumber of data partitions. As shown in FIG. 1, a portion of data may bepartitioned into data partition A (120A), data partition B (120B) andany number of other partitions as represented by ellipses 120C. Eachdata partition may include a primary copy and any number of secondarycopies, where the primary copy is writable and the secondary copies areread-only. Accordingly, data partition A (120A) may include primarywritable copy 121A and secondary read-only copy 122A and data partitionB (120B) may include primary writable copy 121B and secondary read-onlycopies 122B and 123B.

Partition mapping module 130 of directory services system 110 may beconfigured to maintain mapping information regarding each of the datapartitions. For example, partition mapping module 130 may store mappinginformation indicating which data is stored in each of the partitionscreated by data partition module 115. Thus, partition mapping module 130may be queried to determine which information is stored in any givenpartition or, alternatively, module 130 may be queried to determinewhich data partition is storing a requested piece of information.Moreover, the partition mapping module may itself be stored in apartition with its own primary writable copy and other secondaryread-only copies. Thus, at least in some cases, the partition mappingmodule may itself be partitioned to accommodate a very large number ofclients.

After determining which data partition is storing the requestedinformation, dynamic copy locator 135 can be used to determine whichsecondary copy is storing the requested information. As each datapartition may include substantially any number of secondary read-onlycopies, a dynamic copy locator may be implemented to determine whichcopy or copies actually hold the desired information. Thus, dynamic copylocator 135 may also maintain mappings or other metadata indicating whatinformation each secondary copy is currently storing. Once the correctdata partition and secondary copies have been determined, DSS 110 maysend an indication of the primary writable copy 121X and determinedsecondary read-only copy (or copies) 122X that are currently being usedto store the information requested by the client. These indications maybe packaged or stored in a data structure (e.g. 142) which is designedto hide some or all of the partitioning details from the client. Thisprocess will be explained in greater detail below with regard to method200 of FIG. 2.

In view of the systems and architectures described above, methodologiesthat may be implemented in accordance with the disclosed subject matterwill be better appreciated with reference to the flow charts of FIGS. 2,4 and 6. For purposes of simplicity of explanation, the methodologiesare shown and described as a series of blocks. However, it should beunderstood and appreciated that the claimed subject matter is notlimited by the order of the blocks, as some blocks may occur indifferent orders and/or concurrently with other blocks from what isdepicted and described herein. Moreover, not all illustrated blocks maybe required to implement the methodologies described hereinafter.

FIG. 2 illustrates a flowchart of a method 200 for providing cloud scaledata access to a plurality of clients. The method 200 will now bedescribed with frequent reference to the components and data ofenvironment 100.

Method 200 includes an act of partitioning a portion of data stored in adirectory services system into a plurality of different data partitions,wherein each data partition includes a primary writable copy and atleast one secondary read-only copy of the data, and wherein thedirectory services system is configured to provide data to a limitednumber of clients (act 210). For example, data partitioning module 115may partition a portion of data stored in data store 116 of DSS 110 intodata partitions 120A and 120B, where each data partition includes aprimary writable copy (121A/121B) and at least one secondary read-onlycopy (122A/122B/123B). DSS 110 may be limited in the number of clientsit can service, either due to a lack of resources or due to its owninternal programming. In other words, at least in some cases, DSS 110may not have been designed to scale to a large number of users.Accordingly, the steps below allow for such scaling, regardless of howthe DSS was originally programmed.

Method 200 includes an act of receiving a client request for a portionof the data that is stored in the directory services system (act 220).For example, DSS 110 may receive client request 106 from client 105requesting a portion of data stored in data store 116. In some cases,the client may be a computer user requesting information from DSS 110.In other cases, the client may be a computer program or application thatis requesting the information on behalf of the client or perhaps foranother software application.

Method 200 also includes an act of accessing one or more storedpartition mappings to determine which of the plurality of different datapartitions includes the requested data (act 230). For example, DSS 110may access various partition mappings stored in partition mapping module130. Data partitions and/or copies may be created dynamically,on-the-fly while receiving user requests. Similarly, the data partitionsand/or copies may be deleted, modified or removed on-the-fly. Thiscreation, modification and deletion may occur dynamically andtransparently, without the knowledge of the client. Accordingly, if DSS110 determines that some portions of data are in higher demand thanothers, data partition module 115 may be used to dynamically create morepartitions and/or more secondary copies of that data. Likewise, if somedata portions are in low demand or are not being used at all, datapartition module may delete or modify partitions as needed. Thus, DSS110 may continually modify the data partitions to ensure that the dataused most often is being provided by (or is spread across) a sufficientnumber of data partitions.

Thus, while the data partitions are being continually updated, thestored partition mappings are also continuously updated to reflect thenewly added and removed partitions. In this manner, the partitionmapping module 130 is kept continually up to date, so that when a clientrequest is received, partition mapping module can be used to identifywhere each portion of partitioned data is stored. The partitioned datamay be stored in DSS 110 or in other various datacenters. For instance,as shown in FIG. 7, multiple different directory services data centersmay be configured to store a single partition with one primarywrite-only copy and multiple secondary read-only copies. Accordingly,datacenter A (705A) includes primary copy 706 and secondary copies 707Aand 707B, while datacenters B (705B) and C (705C) hold secondary copies707C, 707D, 707E, 707F, 707G and 707H, respectively. Element identifier705D indicates that many other datacenters may be used. Moreover, whileeach datacenter is shown holding three data copies, it will beunderstood that each datacenter may store more or less than three datacopies.

Returning to FIG. 2, method 200 includes an act of accessing a dynamiccopy locator to determine which of the read-only copies of the indicatedpartition to access (act 240). For example, DSS 110 may access dynamiccopy locator 135 to determine which of the secondary read-only copies ofthe indicated partition is to be accessed. As mentioned above, a datapartition may include any number of secondary copies. Accordingly, oncethe correct data partition has been identified, the correct secondarycopy (or copies) are to be identified. Thus, like partition mappingmodule 130, dynamic copy locator 135 maintains mappings indicating whichsecondary copies store certain portions of information. As secondarycopies can be deleted, modified or added on-the-fly, dynamic copylocator 135 is kept continually up to date regarding any changes made tocopies within the data partitions. Modifying the data copies can lead toan increase in scalability. For instance, read scalability may beincreased by adding additional read-only copies while write scalabilitymay be increased by adding additional data partitions.

Method 200 includes an act of providing the accessed primary writeablecopy of the indicated partition and the determined read-only copy to theclient in a virtualized manner such that the client is not aware of thedata partitions (act 250). For example, after the partition mappingmodule 130 has determined the proper data partition and after dynamiccopy locator 135 has determined the proper data copies, the determinedprimary writable copy 121X and the determined secondary read-only copyare sent to client 105. This is done in a virtualized manner in that theclient is unaware of the data partitions. As indicated above, determinedprimary copy 121X and any determined secondary copies (e.g. 122X) may behoused in data structure 142 which is configured to hide anypartitioning details that would indicate how the data is partitionedwithin data store 116.

Once the client (or the client's software application) knows thelocation of the data, the client can establish a direct connection tothe data store containing the determined data copies. After such adirect connection is established, the client can make changes to theprimary writable copy using the established connection, without havingto send communications through the partition mapping module 130. Anychanges made to the writable copy are then automatically propagated tothe secondary read-only copies by the directory services system 110. Theclient can continue to make changes to and otherwise work with the dataof primary writable copy 121X as long he or she desires. After which,the user may close the direct connection. In this manner, users canaccess any of the data portions stored in data store 116, make changes,and have those changes propagated to the rest of the directory servicessystem.

Moving now to FIG. 3, FIG. 3 illustrates a computer architecture 300 inwhich the principles of the present invention may be employed. Computerarchitecture 300 includes a data store 320 similar to or the same asdata store 116 of FIG. 1. Data store 320 may be configured to store datapartitions A (321A), B (321B) and others. Each data partition maysimilarly include a primary copy (322A/322B) and one or more secondarycopies (323A/323B). In some cases, a directory services system (e.g. DSS110) may be a multi-master system where multiple different masters areused to manage data input and output.

For instance, as shown in FIG. 3, a directory services system mayinclude multi-master system 315. Multi-master system 315 may beconfigured to receive inputs from users and perform the changes to thestored data based on the inputs. When using multi-master storage system315, each copy may be primary and writable. In some embodiments, asingle master storage system 310 may be implemented. Single masterstorage system 310 may be configured such that all of the client inputs(e.g. data changes 305) that would go to multi-master storage system 315pass through system 310 first. Single master 310 may also be configuredto establish direct connections to the data copies in the datapartitions. For example, single master 310 may establish directconnection 330 with primary writable copy 322A and further establishdirect connection 331 with secondary write-only copy 323A in data store320. Single master functionality will be explained in greater detailbelow with regard to method 400 of FIG. 4.

FIG. 4 illustrates a flowchart of a method 400 for implementing a singlemaster model on top of a multi-master store. The method 400 will now bedescribed with frequent reference to the components and data ofenvironment 300.

Method 400 includes an act of initiate a single master storage systemfor use with a multi-master directory services store such that withinthe single master storage system, all changes to a portion of data aremade to a single copy, wherein each data partition includes a primarywritable copy and at least one secondary read-only copy of the data, andwherein a single master user is separately connected to the primary copyand to the secondary copy (act 410). For example, a computer system mayinitiate single master storage system 310 for use with a multi-masterdirectory services storage system 315 so that all data changes are madeto a single copy (e.g. primary copy 322A). Thus, when a user makeschanges to various data, the changes are made to a single primary copy(e.g. 322B). Thereafter, the changes are propagated to other secondarycopies of data store 320 using the multi-master storage system 315.

In some embodiments, two or more directory services instances may bearranged in a clustered configuration that shares a single storage areanetwork (SAN) based store to provide data redundancy. Accordingly, dataredundancy can be provided in scenarios where a single master is in use.This data redundancy may be further bolstered by implementing a backupdatacenter with a clustered replica. The clustered replica may includevarious data partitions and/or data copies as determined by the user orDSS administrator.

Method 400 includes an act of receiving one or more changes that are tobe made to a portion of data stored in a partition of the directoryservices store (act 420). For example, single master storage system 310may receive data changes 305 that are to be made to a portion of data(e.g. primary copy 322A) stored in data partition A (321A) of data store320. These data changes may include any type of data modificationincluding adding, removing, altering or otherwise changing the data ofthe primary copy.

Method 400 also includes an act of applying the changes to the primary,writable copy of the partition (act 430). For example, single masterstorage system 310 may apply the data changes to primary, writable copy322A of data partition A (321A). These changes may be applied via adirect connection 330 established between the single master and theprimary copy of the data partition. These changes may then be propagatedto secondary copy 323A and any other secondary copies via directconnection 331. As with DSS 110 of FIG. 1, the appropriate datapartition and secondary copy may be selected by partition mapping module130 and dynamic copy locator 135, respectively.

Method 400 includes an act of promptly and automatically replicating thechanges made to the primary writable copy to the secondary read-onlycopy to which the single master storage system user is directlyconnected (act 440). For example, single master storage system 310 maypromptly and automatically replicate any changes made to primarywritable copy 322A via direct connection 330 to secondary read-only copy323A via direct connection 331. These changes may then be furtherpropagated to each of the other secondary read-only copies in thedirectory services data store 320. In this manner, a single master maybe used to receive data changes, establish a direct connection to theproper primary and secondary data copies and propagate the changes toother secondary copies and DSS masters as necessary.

Turning now to FIG. 5, FIG. 5 illustrates a computer architecture 500 inwhich the principles of the present invention may be employed. Computerarchitecture 500 includes directory services system (DSS) 510. DSS 510may be similar to or the same as DSS 110 described above. DSS 510includes data store 515 which itself includes multiple different datapartitions. As depicted in FIG. 5, data store 515 includes datapartition A (516) and other partitions not specifically labeled. Datapartition A includes a primary writable copy 517 and multiple secondaryread-only copies 518.

In some cases, DSS 510 may receive multiple simultaneous requests fordata from a plurality of different users. For example, clients A (505A),B (505B) and C (505C) may respectively send data requests 506A, 506B and506C simultaneously. DSS 510 may then determine which data partitionsstore the data requested in each of the various data requests. In somecases, as mentioned earlier, DSS 510 may determine that some data copiesare being requested more than others. Such a determination may be madeby examining the incoming data requests over a period of time.

Using this information, allocation module 525 may reallocate secondaryread-only copies to other data partitions. For example, allocationmodule 525 may determine that secondary copy 529A is not beingfrequently used and is to be removed from partition A and copied toanother partition (e.g. partition B (526B)). Thus, secondary copy 529Amay be moved to partition B and become part of that partition (i.e.secondary copy 529B). If allocation module 525 were to determine thatsecondary copies 528A and 529A were being frequently used, theallocation module would add one or more new secondary copies topartition A, depending on how many were needed to satisfy the demand.This process will be explained in greater detail below with regard tomethod 600 of FIG. 6.

FIG. 6 illustrates a flowchart of a method 600 for allocating replicasto clients in a scalable and efficient manner. The method 600 will nowbe described with frequent reference to the components and data ofenvironment 500.

Method 600 includes an act of receiving a plurality of requests frommultiple different clients for various data portions stored in adirectory services store, wherein the data portions have beenpartitioned into a plurality of data partitions, each data partitioncomprising a primary writable copy and at least one secondary read-onlycopy of the data (act 610). For example, DSS 510 may receive datarequests 506A, 506B and 506C from clients 505A, 505B and 505C,respectively, requesting various data portions stored in data store 515.It should be noted that while three clients are shown, each sending onerequest, each client may send any number of requests and there may besubstantially any number of clients sending data requests. Moreover,each data request may be for a different portion of information, or fora different operation including read, write, or both.

Method 600 includes an act of determining that one or more network,data, directory services or client characteristics indicate that thesecondary read-only copies of the partitioned data are to be dynamicallyallocated to ensure that the data is efficiently delivered to each ofthe clients (act 620). For example, DSS 510 may determine that one ormore enhancement characteristics 511 including network, data, directoryservices or client characteristics may indicate that secondary copies518 of data partition A (516) are to be dynamically allocated to ensurethat the data is efficiently delivered to each client that requesteddata. Thus, network usage data, data type characteristics, directoryservices usage information, user/client characteristics and/or any othertype of usage information or characteristics may be used to determinewhen to reallocate the secondary copies and to which data partitions thesecondary copies should be reallocated.

Method 600 includes an act of dynamically allocating the secondary datacopies to various data partitions to ensure that the data is efficientlydelivered to each of the clients (act 630). For example, allocationmodule 525 may be configured to dynamically allocate secondary copies(e.g. 528A/529A) to various data partitions (e.g. 526A/526B) to ensurethat the data is efficiently delivered to each of the clients (505A-C).Thus, as new enhancement characteristics are received, the allocation ofsecondary copies may be continually reevaluated. If DSS 510 determinesthat secondary copies are to be reallocated, allocation module 525 candynamically reallocate those copies while requests are still beingreceived at the directory services system.

These dynamic reallocations may occur automatically and dynamically,without any manual configuration. Secondary copies may be moved to otherdata partitions as the need arises. Thus, when a new copy is added, theallocation may be automatically adjusted based on the newly deployedcopies, without any manual reconfiguration. Similarly, when a copy is nolonger available (e.g. down for scheduled maintenance) the allocationmay be automatically adjusted. In some cases, special purpose copies maybe provided to guarantee a certain quality of service. These specialpurpose copies may be guaranteed to be available when requested suchthat the provider of the DSS can provide quality of service guaranteesto the client. Such special purpose copies may be available forallocation independent of any other copies.

As mentioned previously, data copies (primary and secondary) can bestored on more than one data store and even in multiple differentdatacenters. In such cases, locality-awareness may be provided for theclient where data copies are dynamically allocated based on which datasource is physically located the closest to the client. Thus, forexample, if datacenter A (705A) is closest to the user, the data copieswould be sent to the client from datacenter A. Additionally oralternatively, the data copies may be dynamically allocated based onwhich data source has the fastest network connection to the client.Other features such as asynchronous caching may be used during dynamicallocation to ensure that the user is receiving the data in a timelymanner. Thus, based on surrounding factors such as data copy usage,network usage and other characteristics, the secondary copies may becontinually reallocated to ensure that each partition has a sufficientnumber of copies to satisfy a given load of client requests.

Accordingly, a directory services system may be provided that scales toallow substantially any number of clients to request and receive data,while hiding the inner workings of the DSS such as partitioning and datacopy locating. Data partitions may be managed using a single mastersystem that establishes direct connections to the data copiesthemselves. Moreover, data copies may be dynamically reallocated todifferent data partitions in order to ensure the most efficient deliveryof data to the client.

The present invention may be embodied in other specific forms withoutdeparting from its spirit or essential characteristics. The describedembodiments are to be considered in all respects only as illustrativeand not restrictive. The scope of the invention is, therefore, indicatedby the appended claims rather than by the foregoing description. Allchanges which come within the meaning and range of equivalency of theclaims are to be embraced within their scope.

We claim:
 1. A for providing cloud scale data access to a plurality ofclients, the system comprising one or more processors, system memory,and computer-executable instructions that cause the system to perform amethod comprising: partitioning a portion of data stored in a directoryservices system into a plurality of different data partitions, whereineach data partition includes a primary writable copy and at least onesecondary read-only copy of the data, and wherein the directory servicessystem is configured to provide data to a limited number of clients;receiving a client request for a portion of the data that is stored inthe directory services system; accessing one or more stored partitionmappings to determine which of the plurality of different datapartitions includes the requested data; accessing a dynamic copy locatorto determine which of the read-only copies of the indicated partition toaccess; and providing the accessed primary writeable copy of theindicated partition and the determined read-only copy to the client in avirtualized manner which obscures the data partitions from the client.